Security
Headlines
HeadlinesLatestCVEs

Tag

#linux

PHPJabbers Cleaning Business Software 1.0 Cross Site Scripting

PHPJabbers Cleaning Business Software version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.

Packet Storm
Open in Source
#xss#vulnerability#web#windows#linux#git#php#auth
PHPJabbers Cleaning Business Software 1.0 Missing Rate Limiting

PHPJabbers Cleaning Business Software version 1.0 suffers from multiple missing rate limiting vulnerabilities.

PHPJabbers Shared Asset Booking System 1.0 Cross Site Scripting

PHPJabbers Shared Asset Booking System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.

Mirai-based NoaBot Botnet Targeting Linux Systems with Cryptominer

By Deeba Ahmed Another day, another malware threat against Linux systems! This is a post from HackRead.com Read the original post: Mirai-based NoaBot Botnet Targeting Linux Systems with Cryptominer

New PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP Systems

Cybersecurity researchers have developed a proof-of-concept (PoC) code that exploits a recently disclosed critical flaw in the Apache OfBiz open-source Enterprise Resource Planning (ERP) system to execute a memory-resident payload. The vulnerability in question is CVE-2023-51467 (CVSS score: 9.8), a bypass for another severe shortcoming in the same software (

Gentoo Linux Security Advisory 202401-14

Gentoo Linux Security Advisory 202401-14 - A denial of service vulnerability has been found in RedCloth. Versions greater than or equal to 4.3.2-r5 are affected.

Gentoo Linux Security Advisory 202401-13

Gentoo Linux Security Advisory 202401-13 - Multiple denial of service vulnerabilities have been found in FAAD2. Versions greater than or equal to 2.11.0 are affected.

Ubuntu Security Notice USN-6573-1

Ubuntu Security Notice 6573-1 - Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service or possibly expose sensitive information. Kyle Zeng discovered that the IPv4 implementation in the Linux kernel did not properly handle socket buffers when performing IP routing in certain circumstances, leading to a null pointer dereference vulnerability. A privileged attacker could use this to cause a denial of service.

Ubuntu Security Notice USN-6572-1

Ubuntu Security Notice 6572-1 - Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service. Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-6548-4

Ubuntu Security Notice 6548-4 - It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive information. It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service.